I used following commands to prevent -almost- any outgoing internet connection from my Linux computer when VPN connection is not active. It is simple and it works.
Reset ufw rules to default # ufw --force reset Drop all incoming traffic # ufw default deny incoming Drop all outgoing traffic # ufw default deny outgoing Let firewall allow outbound VPN traffic # ufw allow out on tun0 Let firewall allow VPN connection to be established Change IP, port and protocol values as per your VPN server config Example: ufw allow out to 255.255.255.255 port 9999 proto udp # ufw allow out to $serverIP port $port proto $proto Run firewall and make it start automatically during startup # ufw enable
I’m a US-based software engineer with a background in law. I share mostly practical tech notes here for my future self and anyone who finds them useful.
One of the things I’ve built is Masterlist: Focus & Tasks, a privacy-focused, local-storage-only task manager that offers focus tracking tied to tasks and projects, compatible with the Pomodoro technique.
1 thought on “How to prevent leaks from VPN”